I am hosting several sites (on another host) and moving to a dedicated server on Lunarpages.  Some of these sites are being attacked in a variety of ways.

First it was DDoS attacks, but moving to a dedicated server and vigorously tuning the performance of the sites seems to have mitigated that problem.

Now they are doing some form of attack that eats up all the CPU and memory on the system.  I'm not sure what it is, but there are no SSH logins to the root (other than me), I have the tmp directory stuff done (see other thread), I believe I have all the directories protected correctly, but clearly the machine is compromised.  It just grinds to a halt, and the memory is just slammed.

So, my question is, can anyone give me a pointer to some security best practices?  What could someone be doing that's slamming the machine like that?  Is there some way to audit a machine to see if I have anything open that would allow this kind of thing?

I want to protect this new Lunarpages machine the best I can before I move the sites there.  I appreciate any help you can offer.